Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Plugin module unable to alter firewall application groups after creation #244

Open
gneville-ot opened this issue Sep 1, 2023 · 1 comment
Open

Plugin module unable to alter firewall application groups after creation #244

gneville-ot opened this issue Sep 1, 2023 · 1 comment
Assignees
@pszulczewski
Labels
upstream Upstream Project Issue/Feature

Comments

@gneville-ot
Copy link
Contributor

ISSUE TYPE
  • Bug Report
SOFTWARE VERSIONS
pynautobot

1.5.0

Ansible:

2.12.3

Nautobot:

1.5.20

Collection:

4.5.0

SUMMARY

After creating a firewall application group it is unable to make any changes to the application objects attached afterwards.

STEPS TO REPRODUCE

Create 2 application objects and obtain the UUIDs.

Use the plugin module to create a new application object group of which one of the application objects is a member, this step works and the application group is created, subsequent runs of the exact same task work and no updates are performed as expected.

- name: "SETUP FIREWALL APPLICATION OBJECT GROUP"
  networktocode.nautobot.plugin:
    url: "{{ nb_url }}"
    token: "{{ nb_token }}"
    validate_certs: "{{ nb_validate_certs }}"
    api_version: "{{ nb_api_version }}"
    plugin: "firewall"
    endpoint: "application-object-group"
    identifiers:
      name: "MY_APPLICATION_GROUP"
    attrs:
      description: "My Application Group"
      application_objects:
       - 43de24dd-4358-403f-a26e-253659ad2e48
      status: "active"
    state: "present"

Attempt to add or remove application objects from the group and it will error. For example here a new application object is being added:

- name: "SETUP FIREWALL APPLICATION OBJECT GROUP"
  networktocode.nautobot.plugin:
    url: "{{ nb_url }}"
    token: "{{ nb_token }}"
    validate_certs: "{{ nb_validate_certs }}"
    api_version: "{{ nb_api_version }}"
    plugin: "firewall"
    endpoint: "application-object-group"
    identifiers:
      name: "MY_APPLICATION_GROUP"
    attrs:
      description: "My Application Group"
      application_objects:
       - 43de24dd-4358-403f-a26e-253659ad2e48
       - 34bf520f-a171-4647-8298-59ac264023b9
      status: "active"
    state: "present"
EXPECTED RESULTS

The firewall application group can be updated to add or remove application objects as needed

ACTUAL RESULTS

Error returned.

For some odd reason a query is performed towards the 'application-object' endpoint but using the UUID of the application group, which is why it isn't found.

    pynautobot.core.query.RequestError: The requested url: https://<fqdn>/api/plugins/firewall/application-object/573eb9e5-68bb-4306-a469-d0d25290f891/ could not be found.

The same doesn't happen for 'address groups'.
@pszulczewski pszulczewski self-assigned this Sep 1, 2023
@pszulczewski pszulczewski mentioned this issue Sep 30, 2023
Merged
3 tasks
@pszulczewski
Copy link
Contributor

This is an issue in firewall plugin. It has invalid url field in application-object-group.
Issue created. nautobot/nautobot-app-firewall-models#181

@joewesch joewesch added the upstream Upstream Project Issue/Feature label Mar 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pszulczewski pszulczewski

Labels
upstream Upstream Project Issue/Feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@joewesch @pszulczewski @gneville-ot